wiab4355 wrote:Thanks for the first response, but the second...
A router that broadcasts itself as "linksys" suggests that the router's owner/operator hasn't put much effort into wifi security, as the first thing you usually change when you diligently configure your router's settings are its name, the network name, and the router's static IP.
One of my neighbors has a linksys router. I know this because his network says "linksys" when any of my wireless devices see it. His network is actually unsecured, which doesn't surprise me. People who leave their network name as "linksys" typically either have unsecured, or poorly secured (WEP) networks. So I can login to his wifi network any time I feel like it. Since I know his router is linksys, I also know that by default it gives itself the static IP of 192.168.1.1 so once I'm in his unsecured network I can be at the admin prompt for his router because he didn't bother to change the static IP. Since I know the router's IP, I also know its model (WRT160N). He did
change his router's password, but I expect that a brief brute force attack would yield it. Or I could just sniff his network for long enough and watch him login to his own router. Or process of elimination would tell me WHICH neighbor this is, and a little social engineering would give me the router password or a short list of possibles. Once I'm in his router, I can burn my own firmware and do whatever I want, including giving myself a back door in should he ever be so silly as to attempt a "factory reset" on the router. Once its my firmware in his router, all bets are off. Reset is no longer a viable option.
I'm not evil and I'm not bored. His bandwidth is a dribbling clogged faucet compared with my pipe. Nothing motivates me to want to ruin his router or play with his network. But the fact that doing so would be so ridiculously simple is enough of a warning. There are so many things wrong with this. It all starts with broadcasting a SSID of "linksys", thus advertising yourself as not being very security savvy.
So much he could do to fix this:
Change the SSID.
Force https login to the router.
Disable wireless login to the router.
Change the router's static IP from default.